(PECL pecl_http >= 0.10.0)
HttpRequest::setSslOptions — Set ssl options
$options
] )Set SSL options.
options
an associative array containing any SSL specific options; if empty or omitted, the SSL options will be reset
成功时返回 TRUE, 或者在失败时返回 FALSE。
coder.ua[at]gmail.com (2012-10-25 18:11:11)
Array with ssl options have next format.
Also, I have made the appropriate with cURL options.
<?php
$options = array(
// The name of a file containing a PEM formatted certificate.
'cert' => '', // CURLOPT_SSLCERT
// The format of the certificate. Supported formats are "PEM" (default), "DER", and "ENG".
'certtype' => '', // CURLOPT_SSLCERTTYPE
// The password required to use the 'cert' certificate.
'certpasswd' => '', // CURLOPT_SSLCERTPASSWD
// The name of a file containing a private SSL key.
'key' => '', // CURLOPT_SSLKEY,
// The key type of the private SSL key specified in 'key'. Supported key types are "PEM" (default), "DER", and "ENG"
'keytype' => '', // CURLOPT_SSLKEYTYPE
// The secret password needed to use the private SSL key specified in 'key'
'keypasswd' => '', // CURLOPT_SSLKEYPASSWD
// The identifier for the crypto engine of the private SSL key specified in 'key'
'engine' => '', // CURLOPT_SSLENGINE
// The SSL version (2 or 3) to use. By default PHP will try to determine this itself, although in some cases this must be set manually
'version' => 2, // CURLOPT_SSLVERSION
// FALSE to stop cURL from verifying the peer's certificate. Alternate certificates to verify against can be specified with the 'cainfo' option or a certificate directory can be specified with the 'capath' option
'verifypeer' => FALSE, // CURLOPT_SSL_VERIFYPEER
// 1 to check the existence of a common name in the SSL peer certificate. 2 to check the existence of a common name and also verify that it matches the hostname provided. In production environments the value of this option should be kept at 2 (default value).
'verifyhost' => 1, // CURLOPT_SSL_VERIFYHOST
// A list of ciphers to use for SSL. For example, RC4-SHA and TLSv1 are valid cipher lists.
'cipher_list' => '', // CURLOPT_SSL_CIPHER_LIST
// The name of a file holding one or more certificates to verify the peer with. This only makes sense when used in combination with 'verifypeer'.
'cainfo' => '', // CURLOPT_CAINFO
// A directory that holds multiple CA certificates. Use this option alongside 'verifypeer'
'capath' => '', // CURLOPT_CAPATH
// A filename to be used to seed the random number generator for SSL
'random_file' => '', // CURLOPT_RANDOM_FILE
// Like 'random_file', except a filename to an Entropy Gathering Daemon socket
'egdsocket' => '', // CURLOPT_EGDSOCKET
);
?>
Small example:
<?php
$request = new HttpRequest('http://example.com/');
$ssl_options = array('verifypeer' => TRUE,
'verifyhost' => 1,
'cert' => '/cert/mycert.pem',
'certtype' => 'PEM',
'cainfo' => '/cert/ca.crt',
'version' => 3,
'certpasswd' => 'pazzword'
);
$request->setSslOptions($ssl_options);
var_dump($request->getSslOptions());
/*
* RESULT
Array
(
[verifypeer] => 1
[verifyhost] => 1
[cert] => /cert/mycert.pem
[certtype] => PEM
[cainfo] => /cert/ca.crt
[version] => 3
[certpasswd] => pazzword
)
*/
?>
Andy Christianson (2008-07-24 10:12:05)
This page does not describe the possible keys for the input array.
Here are the SSL option keys from the cURL source code as of 2008-07-24:
CERT: String that holds file name of the SSL certificate to use
CERTTYPE: String that holds file type of the SSL certificate to use
KEY: String that holds file name of the SSL certificate to use
KEYTYPE: String that holds file type of the SSL certificate to use
PASSWD: String that holds the SSL or SSH private key password.
ENGINE: String that holds the SSL crypto engine.
ENGINE_DEFAULT: flag to set engine as default.